Vulnerability Development mailing list archives
Re: Apache Exploit
From: T0aD <toad () skreel org>
Date: Sat, 22 Jun 2002 16:45:41 +0200
On Fri, 21 Jun 2002 23:57:41 -0400 (EDT) David Bernick <bernz () alpha bernztech org> wrote:
In one case (the RH box), it looked like a TCP lockup condition. The thing just stopped responding to outside stimuli, and right after that, inputs via the local keyboard stopped as well. I haven't had time to dig into it further.I've tested the Gobbles 'sploit against the following machines/platforms: 1. RH Linux 6.1 w Apache 1.2.x PIII 512MB 2. RH Linux 7.2 w Apache 1.3.24 PIII 512MB 3. RH Linux 7.2 w/Tux Webserver PII 128MB 4. RH Linux 7.2 w Apache 1.3.26 DualPIII 1GB 5. RH Liunx 6.1 w Apache 1.3.14 on an Alpha processor 512MB After 1 full day of running the gobbles code in Brute Force mode, I've found that the Tux server wouldn't even accept the Chunked encoding so that seems to pose no threat. On server 1,2 and 5, I have yet to spawn a rootshell, but a single client takes up considerable resources on the target machine.
You think thats a linux shellcode you're using ?! -- toad
Current thread:
- Apache Exploit Stefan Esser (Jun 20)
- Re: Apache Exploit Blue Boar (Jun 20)
- Re: Apache Exploit Randy Taylor (Jun 20)
- Re: Apache Exploit Michal Zalewski (Jun 20)
- Message not available
- Re: Apache Exploit Randy Taylor (Jun 21)
- Re: Apache Exploit David Bernick (Jun 21)
- Re: Apache Exploit T0aD (Jun 22)
- Re: Apache Exploit Alex Balayan (Jun 23)
- Re: Apache Exploit Randy Taylor (Jun 24)
- Re[2]: Apache Exploit dullien (Jun 26)
- Re: Apache Exploit Randy Taylor (Jun 20)
- Re: Apache Exploit Blue Boar (Jun 20)
- Re: Apache Exploit Stefan Esser (Jun 20)
- Re[2]: Apache Exploit dullien (Jun 20)
- Re[2]: Apache Exploit Michal Zalewski (Jun 20)
- Re: Apache Exploit Jefferson Ogata (Jun 20)
- Re: Apache Exploit Michal Zalewski (Jun 21)
- Re: Re[2]: Apache Exploit SpaceWalker (Jun 20)